From owner-freebsd-net Thu Oct 26 21:23:54 2000
Date: Thu, 26 Oct 2000 22:23:39 -0600 (MDT)
From: Nick Rogness
To: John Telford
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: Multihomed natd, nics and default gateways continued.

On Thu, 26 Oct 2000, John Telford wrote:

> > natd2 8669/divert # Network Address Translation
> >
> > Then run the nat's separately:
> >
> > root# natd -p 8668 -n fxp0
> > root# natd -p 8669 -n fxp1
>
> The proper place to have these load at boot would be rc.conf or rc.local or

It's really up to you, but rc.conf is probably the best place.

In /etc/rc.conf:

    defaultrouter="NO"
    static_routes="0 1 2"
    route_0="-net 0.0.0.0 -netmask 128.0.0.0 AAA.AAA.AAA.AAA"
    route_1="-net 128.0.0.0 -netmask 128.0.0.0 AAA.AAA.AAA.AAA"
    route_2="default BBB.BBB.BBB.BBB"

Where AAA.AAA.AAA.AAA is the default gateway for ISP A and BBB.BBB.BBB.BBB is the default gateway for ISP B.

> ?
> >
> > For routing:
> >
> > Add 2 default routes, one primary (ISP A) and one backup (ISP
> > B). Since ISP A is a preferred route...it gets the more specific
> > route:
> >
> > root# route add -net 0.0.0.0 $GATEWAY_IP_ISP_A -netmask 128.0.0.0
> > root# route add -net 128.0.0.0 $GATEWAY_IP_ISP_A -netmask 128.0.0.0
> >
> > root# route add -net 0.0.0.0 $GATEWAY_IP_ISP_B -netmask 0.0.0.0
> My tcp/ip is weak, how does applying a route for 128.0.0.0 work here ? or
> what happens in the box if ISP_A goes down ?

What happens is traffic normally flows to ISP A because it has a more specific route to get to any given network 0.0.0.0/8 & 128.0.0.0/8. The reason for this is because FreeBSD doesn't have support (yet) for 2 routes to the same network. Since 0.0.0.0/8 & 128.0.0.0/8 are more specific routes to the 0.0.0.0/0 network they take precedence.

However, if ISP A becomes unreachable, FreeBSD will mark the route for those networks (0.0.0.0/8 & 128.0.0.0/8) as unreachable. This will force routing to use the next specific route (0.0.0.0/0) to be triggered and traffic will start to flow across to ISP B and start using the natd2 address translation.

This is not a perfect design. Some things will break during the switch-over (like FTP during a file transfer). However, things should work after the switch over.

Nick Rogness
- Drive defensively. Buy a tank.
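
The route selection described in this message, modelled as an added example that is not part of the original message: it builds the three routes with the netmasks from the route commands, picks the next hop by longest-prefix match, and shows the fall-back to ISP B. The gateway addresses are placeholder documentation addresses, the names `next_hop`, `down` and `isp_a_covers_everything` are hypothetical, and skipping routes whose gateway is down is an assumption standing in for the kernel behaviour the message describes.

```python
import ipaddress

# Placeholder gateways (documentation addresses), standing in for
# AAA.AAA.AAA.AAA (ISP A) and BBB.BBB.BBB.BBB (ISP B) in the message.
GW_A = "192.0.2.1"
GW_B = "198.51.100.1"

# The three routes from the message, written as network/netmask.
ROUTES = [
    (ipaddress.ip_network("0.0.0.0/128.0.0.0"), GW_A),    # route_0
    (ipaddress.ip_network("128.0.0.0/128.0.0.0"), GW_A),  # route_1
    (ipaddress.ip_network("0.0.0.0/0"), GW_B),            # route_2, default
]


def next_hop(dst, down=frozenset()):
    """Return the gateway for dst by longest-prefix match.

    Routes whose gateway is listed in `down` are skipped. This is an
    assumption modelling the route being marked unreachable.
    """
    addr = ipaddress.ip_address(dst)
    usable = [(net, gw) for net, gw in ROUTES
              if addr in net and gw not in down]
    if not usable:
        return None
    # The most specific matching route has the longest prefix.
    return max(usable, key=lambda route: route[0].prefixlen)[1]


def isp_a_covers_everything():
    """True if the two ISP A routes together span the whole IPv4 space."""
    nets = [net for net, gw in ROUTES if gw == GW_A]
    merged = list(ipaddress.collapse_addresses(nets))
    return merged == [ipaddress.ip_network("0.0.0.0/0")]


if __name__ == "__main__":
    # Constructed sample destinations, one in each half of the space.
    for dst in ("8.8.8.8", "203.0.113.5"):
        print(dst, "normal:", next_hop(dst),
              "ISP A down:", next_hop(dst, down={GW_A}))
    print("ISP A routes cover all of IPv4:", isp_a_covers_everything())
```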